public void SessionSetupRequest() { uint status = 0; SESSION_SETUP_Response?sessionSetupResponse = null; status = testClient.SessionSetup( testConfig.DefaultSecurityPackage, testConfig.SutComputerName, testConfig.AccountCredential, testConfig.UseServerGssToken, checker: (header, response) => { sessionSetupResponse = response; }); SessionEncryptDataType sessionEncryptDataType = sessionSetupResponse.Value.SessionFlags.HasFlag(SessionFlags_Values.SESSION_FLAG_ENCRYPT_DATA) ? SessionEncryptDataType.SessionEncryptDataSet : SessionEncryptDataType.SessionEncryptDataNotSet; SessionSetupResponse((ModelSmb2Status)status, sessionEncryptDataType, encryptionConfig); }
public static void SessionSetupResponse(ModelSmb2Status status, SessionEncryptDataType sessionEncryptDataType, EncryptionConfig c) { Condition.IsTrue(state == ModelState.Connected); Condition.IsTrue(config.IsGlobalEncryptDataEnabled == c.IsGlobalEncryptDataEnabled); Condition.IsTrue(config.IsGlobalRejectUnencryptedAccessEnabled == c.IsGlobalRejectUnencryptedAccessEnabled); if (ModelUtility.IsSmb3xFamily(config.MaxSmbVersionSupported) && !Smb2Utility.IsSmb3xFamily(negotiateDialect) && config.IsGlobalEncryptDataEnabled && config.IsGlobalRejectUnencryptedAccessEnabled) { ModelHelper.Log(LogType.Requirement, "3.3.5.5: 1. If the server implements the SMB 3.x dialect family, " + "Connection.Dialect does not belong to the SMB 3.x dialect family, EncryptData is TRUE, " + "and RejectUnencryptedAccess is TRUE, the server MUST fail the request with STATUS_ACCESS_DENIED."); ModelHelper.Log(LogType.TestInfo, "The server implements {0}, Connection.Dialect is {1}, EncryptData is TRUE and RejectUnencryptedAccess is TRUE", config.MaxSmbVersionSupported, negotiateDialect); ModelHelper.Log(LogType.TestTag, TestTag.Compatibility); Condition.IsTrue(status == ModelSmb2Status.STATUS_ACCESS_DENIED); return; } if (Smb2Utility.IsSmb3xFamily(negotiateDialect) && config.IsGlobalEncryptDataEnabled && config.IsGlobalRejectUnencryptedAccessEnabled && !Connection_ClientCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION) { ModelHelper.Log(LogType.Requirement, "3.3.5.5: 2. If Connection.Dialect belongs to the SMB 3.x dialect family, " + "EncryptData is TRUE, RejectUnencryptedAccess is TRUE, " + "and Connection.ClientCapabilities does not include the SMB2_GLOBAL_CAP_ENCRYPTION bit, " + "the server MUST fail the request with STATUS_ACCESS_DENIED."); ModelHelper.Log(LogType.TestInfo, "Connection.Dialect is {0}, EncryptData is TRUE, RejectUnencryptedAccess is TRUE, " + "and Connection.ClientCapabilities does not include the SMB2_GLOBAL_CAP_ENCRYPTION bit.", negotiateDialect); ModelHelper.Log(LogType.TestTag, TestTag.Compatibility); Condition.IsTrue(status == ModelSmb2Status.STATUS_ACCESS_DENIED); return; } if (Smb2Utility.IsSmb3xFamily(negotiateDialect) && config.IsGlobalEncryptDataEnabled && (Connection_ServerCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION || config.IsGlobalRejectUnencryptedAccessEnabled)) { ModelHelper.Log(LogType.Requirement, "3.3.5.5.3: 10. If global EncryptData is TRUE, the server MUST do the following: " + "If Connection.ServerCapabilities includes SMB2_GLOBAL_CAP_ENCRYPTION or RejectUnencryptedAccess is TRUE,"); Condition.IsTrue(sessionEncryptDataType == SessionEncryptDataType.SessionEncryptDataSet); Session_EncryptData = SessionEncryptDataType.SessionEncryptDataSet; } Condition.IsTrue(status == Smb2Status.STATUS_SUCCESS); Session_IsExisted = true; }
public static void SessionSetupResponse(ModelSmb2Status status, SessionEncryptDataType sessionEncryptDataType, EncryptionConfig c) { Condition.IsTrue(state == ModelState.Connected); Condition.IsTrue(config.IsGlobalEncryptDataEnabled == c.IsGlobalEncryptDataEnabled); Condition.IsTrue(config.IsGlobalRejectUnencryptedAccessEnabled == c.IsGlobalRejectUnencryptedAccessEnabled); if (ModelUtility.IsSmb3xFamily(config.MaxSmbVersionSupported) && !Smb2Utility.IsSmb3xFamily(negotiateDialect) && config.IsGlobalEncryptDataEnabled && config.IsGlobalRejectUnencryptedAccessEnabled) { ModelHelper.Log(LogType.Requirement, "3.3.5.5: 1. If the server implements the SMB 3.x dialect family, " + "Connection.Dialect does not belong to the SMB 3.x dialect family, EncryptData is TRUE, " + "and RejectUnencryptedAccess is TRUE, the server MUST fail the request with STATUS_ACCESS_DENIED."); ModelHelper.Log(LogType.TestInfo, "The server implements {0}, Connection.Dialect is {1}, EncryptData is TRUE and RejectUnencryptedAccess is TRUE", config.MaxSmbVersionSupported, negotiateDialect); ModelHelper.Log(LogType.TestTag, TestTag.Compatibility); Condition.IsTrue(status == ModelSmb2Status.STATUS_ACCESS_DENIED); return; } if (Smb2Utility.IsSmb3xFamily(negotiateDialect) && config.IsGlobalEncryptDataEnabled && config.IsGlobalRejectUnencryptedAccessEnabled && !Connection_ClientCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION) { ModelHelper.Log(LogType.Requirement, "3.3.5.5: 2. If Connection.Dialect belongs to the SMB 3.x dialect family, " + "EncryptData is TRUE, RejectUnencryptedAccess is TRUE, " + "and Connection.ClientCapabilities does not include the SMB2_GLOBAL_CAP_ENCRYPTION bit, " + "the server MUST fail the request with STATUS_ACCESS_DENIED."); ModelHelper.Log(LogType.TestInfo, "Connection.Dialect is {0}, EncryptData is TRUE, RejectUnencryptedAccess is TRUE, " + "and Connection.ClientCapabilities does not include the SMB2_GLOBAL_CAP_ENCRYPTION bit.", negotiateDialect); ModelHelper.Log(LogType.TestTag, TestTag.Compatibility); Condition.IsTrue(status == ModelSmb2Status.STATUS_ACCESS_DENIED); return; } if (Smb2Utility.IsSmb3xFamily(negotiateDialect) && config.IsGlobalEncryptDataEnabled && Connection_ClientCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION) { ModelHelper.Log(LogType.Requirement, "3.3.5.5.3: 10. If Connection.Dialect belongs to the SMB 3.x dialect family, global EncryptData is TRUE, " + "and Connection.ClientCapabilities includes the SMB2_GLOBAL_CAP_ENCRYPTION bit, the server MUST do the following:"); ModelHelper.Log(LogType.TestInfo, "Connection.Dialect is {0}, global EncryptData is TRUE, " + "and Connection.ClientCapabilities includes the SMB2_GLOBAL_CAP_ENCRYPTION bit", negotiateDialect); ModelHelper.Log(LogType.Requirement, "\tSet the SMB2_SESSION_FLAG_ENCRYPT_DATA flag in the SessionFlags field of the SMB2 SESSION_SETUP Response."); ModelHelper.Log(LogType.TestInfo, "SMB2_SESSION_FLAG_ENCRYPT_DATA flag is set in SESSION_SETUP Response."); Condition.IsTrue(sessionEncryptDataType == SessionEncryptDataType.SessionEncryptDataSet); Session_EncryptData = SessionEncryptDataType.SessionEncryptDataSet; } Condition.IsTrue(status == Smb2Status.STATUS_SUCCESS); }